from securestate.blogspot.com There’s a lot of confusion around Cross-frame Scripting. I’ve seen a number of online resources that describe it as just another type of Cross-site scripting, which only makes sense if you also misunderstand Cross-site scripting.